[libvirt PATCH 00/17] Bump minimum dnsmasq version
Michal Prívozník
mprivozn at redhat.com
Wed Dec 15 08:32:35 UTC 2021
On 12/14/21 21:06, Laine Stump wrote:
> On 12/14/21 2:09 PM, Ján Tomko wrote:
>> This bumps the minimum dnsmasq version to the point where we do not need
>> capability probing, reducing it to a version check (which I will be
>> happy to remove on request).
>>
>> Unless I missed something, this also means we no longer need to spawn
>> radvd manually.
>
> The code doesn't lie! If removing the bits that were only true for older
> dnsmasq removed the lines that ran radvd, then it's true. (I recall that
> support for RA was added to dnsmasq fairly soon after the original ipv6
> support was added, and radvd was left in libvirt only because there were
> so many downstreams that still had an older dnsmasq).
>
>>
>> Note that DNSMASQ_CAPS_BINDTODEVICE was the indication of a downstream
>> mitigation of a CVE that should no longer be needed if we have
>> --bind-dynamic
>>
>> [...]
>
>> 17 files changed, 83 insertions(+), 569 deletions(-)
>
> Nice!!!
>
> After the minor fixes I noted in 03/17 and 08/17
>
> Reviewed-by: Laine Stump <laine at redhat.com>
>
> /me ponders what I should idly suggest be removed next...
Parallels driver (src/vz/)? ;-)
Michal
More information about the libvir-list
mailing list